Audio Replay Attack Detection with Deep Learning Frameworks

Lavrentyeva, Galina; Novoselov, Sergey; Malykh, Egor; Kozlov, Alexander; Kudashev, Oleg; Shchemelinin, Vadim

doi:10.21437/interspeech.2017-360

Cited by 236 publications

(189 citation statements)

References 13 publications

Supporting

Mentioning

188

Contrasting

Order By: Relevance

“…We operate on power spectrograms instead of other alternative time-frequency representations, following findings in [25]. All our sub-CNNs use the architecture described in [26], which is an adapted version of the best performing model [25] in the ASVspoof 2017 challenge. It consists of 9 convolutional layers, 5 max-pooling layers and 2 fully connected (FC) layers.…”

Section: Proposed Methodologymentioning

confidence: 99%

“…The input to the network is a mean-variance normalized log power spectrogram of 3 seconds. This normalisation, motivated from [25], is performed at the utterance-level to standardize the features (zero mean and unit variance for all frequency bins) within a given recording. We use a 512-point fast Fourier transform (FFT), and a 32 ms window with a hop of 10 ms.…”

Section: Input Representation and Preprocessingmentioning

confidence: 99%

See 1 more Smart Citation

Ensemble Models for Spoofing Detection in Automatic Speaker Verification

et al. 2019

View full text Add to dashboard Cite

Spectrograms -time-frequency representations of audio signals -have found widespread use in neural network-based spoofing detection. While deep models are trained on the fullband spectrum of the signal, we argue that not all frequency bands are useful for these tasks. In this paper, we systematically investigate the impact of different subbands and their importance on replay spoofing detection on two benchmark datasets: ASVspoof 2017 v2.0 and ASVspoof 2019 PA. We propose a joint subband modelling framework that employs n different sub-networks to learn subband specific features. These are later combined and passed to a classifier and the whole network weights are updated during training. Our findings on the ASVspoof 2017 dataset suggest that the most discriminative information appears to be in the first and the last 1 kHz frequency bands, and the joint model trained on these two subbands shows the best performance outperforming the baselines by a large margin. However, these findings do not generalise on the ASVspoof 2019 PA dataset. This suggests that the datasets available for training these models do not reflect real world replay conditions suggesting a need for careful design of datasets for training replay spoofing countermeasures.

show abstract

Section: Proposed Methodologymentioning

confidence: 99%

Section: Input Representation and Preprocessingmentioning

confidence: 99%

Ensemble Models for Spoofing Detection in Automatic Speaker Verification

et al. 2019

View full text Add to dashboard Cite

show abstract

“…The main motivation to use the T frames at the beginning is to build fixed-length utterance-level countermeasure models, which is a commonly adopted design choice for anti-spoofing systems, e.g. [15,14].…”

Section: Features and Input Representationmentioning

confidence: 99%

Deep generative variational autoencoding for replay spoof detection in automatic speaker verification

Chettri

Kinnunen

Benetos

2020

Computer Speech & Language

View full text Add to dashboard Cite

Automatic speaker verification (ASV) systems are highly vulnerable to presentation attacks, also called spoofing attacks. Replay is among the simplest attacks to mount -yet difficult to detect reliably. The generalization failure of spoofing countermeasures (CMs) has driven the community to study various alternative deep learning CMs. The majority of them are supervised approaches that learn a human-spoof discriminator. In this paper, we advocate a different, deep generative approach that leverages from powerful unsupervised manifold learning in classification. The potential benefits include the possibility to sample new data, and to obtain insights to the latent features of genuine and spoofed speech. To this end, we propose to use variational autoencoders (VAEs) as an alternative backend for replay attack detection, via three alternative models that differ in their class-conditioning. The first one, similar to the use of Gaussian mixture models (GMMs) in spoof detection, is to train independently two VAEs -one for each class. The second one is to train a single conditional model (C-VAE) by injecting a one-hot class label vector to the encoder and decoder networks. Our final proposal integrates an auxiliary classifier to guide the learning of the latent space. Our experimental results using constant-Q cepstral coefficient (CQCC) features on the ASVspoof 2017 and 2019 physical access subtask datasets indicate that the C-VAE offers substantial improvement in comparison to training two separate VAEs for each class. On the 2019 dataset, the C-VAE outperforms the VAE and the baseline GMM by an absolute 9 -10% in both equal error rate (EER) and tandem detection cost function (t-DCF) metrics. Finally, we propose VAE residuals -the absolute difference of the original input and the reconstruction as features for spoofing detection. The proposed frontend approach augmented with a convolutional neural network classifier demonstrated substantial improvement over the VAE backend use case.

show abstract

“…When an automatic speaker verification (ASV) system is presented with fake speech intending to impersonate a live talker then this is commonly referred to as either "spoofing", a replay attack or a presentation attack. Building upon similar challenges from earlier years [1,2,3], detecting replay attacks was the basis for the Physical Access (PA) task of the ASVspoof 2019 Challenge [4]. The aim of our work was to detect whether or not a bona fide live speech recording had been intercepted and subsequently replayed back as non-live speech to an ASV system.…”

Section: Introductionmentioning

confidence: 99%

“…There are numerous variables to be modeled including elements of how the attack was conducted as well as the type of ASV system being attacked. Our approach captured these conditions using a convolutional neural network (CNN) architecture, similar to the top system from the earlier ASVspoof 2017 replay detection challenge [3]. We explored several types of signal features such as those from [2] and our final submission was based on our own specially-trained x-vector [5] embeddings combined with signal features.…”

Section: Introductionmentioning

confidence: 99%

Speech Replay Detection with x-Vector Attack Embeddings and Spectral Features

Williams¹,

Rownicka²

2019

Interspeech 2019

View full text Add to dashboard Cite

We present our system submission to the ASVspoof 2019 Challenge Physical Access (PA) task. The objective for this challenge was to develop a countermeasure that identifies speech audio as either bona fide or intercepted and replayed. The target prediction was a value indicating that a speech segment was bona fide (positive values) or "spoofed" (negative values). Our system used convolutional neural networks (CNNs) and a representation of the speech audio that combined x-vector attack embeddings with signal processing features. The x-vector attack embeddings were created from mel-frequency cepstral coefficients (MFCCs) using a time-delay neural network (TDNN). These embeddings jointly modeled 27 different environments and 9 types of attacks from the labeled data. We also used sub-band spectral centroid magnitude coefficients (SCMCs) as features. We included an additive Gaussian noise layer during training as a way to augment the data to make our system more robust to previously unseen attack examples. We report system performance using the tandem detection cost function (tDCF) and equal error rate (EER). Our approach performed better that both of the challenge baselines. Our technique suggests that our x-vector attack embeddings can help regularize the CNN predictions even when environments or attacks are more challenging.

show abstract

Audio Replay Attack Detection with Deep Learning Frameworks

Cited by 236 publications

References 13 publications

Ensemble Models for Spoofing Detection in Automatic Speaker Verification

Ensemble Models for Spoofing Detection in Automatic Speaker Verification

Deep generative variational autoencoding for replay spoof detection in automatic speaker verification

Speech Replay Detection with x-Vector Attack Embeddings and Spectral Features

Contact Info

Product

Resources

About